An expired certificate has led to the repeated removal of linked American Express credit cards from user's Google Pay accounts. | Continue reading
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications. | Continue reading
Microsoft has released Windows Terminal 1.7 and Windows Terminal Preview 1.8 with some long-awaited features and improvements. | Continue reading
Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack. | Continue reading
This month, Amazon has announced plans to phase out support for the Mozilla Firefox web browser app on its Fire TV product line. The company has decided to no longer support the Mozilla Firefox browser in a bid to promote its Amazon Silk web browser app to customers, effective at … | Continue reading
Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. | Continue reading
Microsoft Edge's new child-friendly 'Kids Mode' is now generally available and has begun rolling out to users in the USA. | Continue reading
The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. | Continue reading
A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against … | Continue reading
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS. | Continue reading
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. | Continue reading
Makers of Vivaldi and Brave web browsers have rejected Google's new privacy-preserving proposal called FLoC, which is meant to replace third-party tracking cookies across websites on browsers, including Chrome. | Continue reading
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. | Continue reading
Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. | Continue reading
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. | Continue reading
Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. | Continue reading
A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, download … | Continue reading
Today is Microsoft's April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won't be any easier, so ple … | Continue reading
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge. | Continue reading
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. | Continue reading
Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. | Continue reading
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. | Continue reading
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. | Continue reading
A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge. | Continue reading
In future versions of Windows 10, Microsoft has removed the venerable 'Administrative Tools' and added a new 'Windows Tools' control panel with almost double the number of tools promoted within it. | Continue reading
A group of security researchers known as the Secret Club took it to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. | Continue reading
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. | Continue reading
Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. | Continue reading
Did you miss the chance to browse the web when sites looked more like they belonged to hobbyists rather than billion-dollar companies? Now you experience web browsing in the 90s with this free service. | Continue reading
Mozilla volunteers have recently been flooded with requests by online merchants and marketers for their domains to be added to what's called a Public Suffix List (PSL) due to recent privacy changes brought forth by Apple's iOS 14.5. | Continue reading
Microsoft has reminded users that Windows 10, version 1909 (also known as the November 2019 Update), will reach the end of service next month, in May 2021. | Continue reading
More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services. | Continue reading
Later this year, Windows 10 is getting a new feature that will enable a Google Discover-like newsfeed on the taskbar. This feature is officially called "News and Interests" and it will give news stories, sports scores, finance and weather information. | Continue reading
Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store. | Continue reading
Windows 10 will soon let you select pre-configured categories, such as Gaming and Business, that tell the operating system how you plan on using the device. | Continue reading
Ransomware attacks continue over the past two weeks with a continuation of the massive initial ransom demands we have seen recently. | Continue reading
The FBI arrested a Texas man on Thursday for allegedly planning to "kill of about 70% of the internet" in a bomb attack targeting an Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. | Continue reading
Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. | Continue reading
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. | Continue reading
The American Society for Clinical Pathology (ASCP) disclosed a payment card incident that impacted customers who entered payment info on its e-commerce website. | Continue reading
Zerodium has announced today an increased interest in exploits Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. | Continue reading
A new video released by Elon Musk's Neuralink shows a monkey playing Pong using its mind and embedded brain-human interface. | Continue reading
Pwn2Own 2021 ended with contestants earning a record $1,210,000 for exploits and exploits chains demoed over the course of three days. | Continue reading
The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. | Continue reading
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. | Continue reading
The hacking spree targeting underground marketplaces has claimed another victim as a database from card shop Swarmshop emerged on another forum. | Continue reading
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan. | Continue reading
Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents. | Continue reading